Scribd Logo
Cargar

¡Te damos la bienvenida a Scribd!

  • P3 05 Protect The Exposure of Data Used in Development and Test Environments

    Cargado por

    AmadouMalickMouamfonMoumbagna
    10 vistas26 páginas
    test environments by oracle

    Título original

    P3 05 Protect the Exposure of Data Used in Development and Test Environments

    Derechos de autor

    © © All Rights Reserved

    Formatos disponibles

    PDF, TXT o lea en línea desde Scribd

    ¿Le pareció útil este documento?

    ¿Este contenido es inapropiado?

    Denunciar este documento
    test environments by oracle

    Copyright:

    © All Rights Reserved
    Descargue como PDF, TXT o lea en línea desde Scribd
    Marcar por contenido inapropiado
    10 vistas26 páginas

    P3 05 Protect The Exposure of Data Used in Development and Test Environments

    Cargado por

    AmadouMalickMouamfonMoumbagna
    test environments by oracle

    Copyright:

    © All Rights Reserved
    Descargue como PDF, TXT o lea en línea desde Scribd
    Marcar por contenido inapropiado
    de 26

    1 Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Oracle Data Masking and


    Data Subsetting

    David Evora, Sales Consulting Manager

    May 2014
    Agenda
    Agenda
    Topics Covered

    Introduction

    Product Overview

    5 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Introduction

    6 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    SECURITY
    Maximum Security for Critical Data Infrastructure

    PREVENTIVE DETECTIVE ADMINISTRATIVE

    Encryption & Redaction Auditing Privilege Analysis

    Masking & Subsetting Activity Monitoring Sensitive Data Discovery

    Privileged User Controls Database Firewall Configuration Management

    7 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Data Proliferation

    Production databases are often cloned to


    development, test/QA, training and demo
    environments.

    Sensitive data can reside anywhere


    including outsourced and cloud
    environments.

    8 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Data Privacy and Proliferation Challenges

    How do you keep track of sensitive


    information being stored in light of ever
    changing application data models?

    How do you sanitize production data in a


    cost-effective manner while keeping it
    relevant for testing purposes?

    9 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Solution Is To Mask and Subset the Data

    Data Masking Data Subsetting

    Replace sensitive production Provision a fractional yet


    data with fictitious yet relationally intact version of
    realistic data the data
    Comply with regulations Reduce storage costs while
    while enabling realistic enabling realistic application
    application testing development

    Secure Application Testing


    10 Copyright 2014, Oracle and/or its affiliates. All rights reserved.
    Product Overview

    11 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Oracle Data Masking and Subsetting Overview
    Production
    DEPT LAST_NAME SSN SALARY
    Non-Production
    10 AGUILAR 987-65-4320 40,000
    DEPT LAST_NAME SSN SALARY
    20 BENSON 987-65-4322 30,000
    10 SMITH 111-23-1111 40,000
    10 CHANDRA 987-65-4324 60,000
    10 JOHNSON 222-34-1345 60,000
    30 DONNER 987-65-4329 50,000

    Provides automated sensitive data discovery and modeling


    Includes extensible discovery patterns and masking formats
    Supports sophisticated masking and subsetting transformations
    Preserves referential integrity so that applications continue to work
    Integrates with related Oracle Database products and technologies
    Supports Oracle and non-Oracle databases through Gateways
    Application templates available for Oracle Apps (EBS, FA, OHI)

    12 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Sensitive Data Discovery and Modeling

    An Application Data Model (ADM) maps out


    a set of schemas, tables and referential
    relationships
    Within an ADM, you can manually identify
    and designate sensitive columns or run an
    automated discovery job
    Discovery jobs find sensitive data by reading
    from the data dictionary and sampling rows
    Matching patterns are chosen from pre-
    defined templates or manually entered

    13 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Extensible Masking Formats

    40+ out of the box masking formats covering


    common sensitive data types
    Built-in primitives for easy expansion of the
    masking format library
    User-defined SQL or PL/SQL functions for
    handling of complex formats
    Auto-update through My Oracle Support
    Define once, deploy everywhere

    14 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Comprehensive Masking Transformations

    Compound
    Multi-column groups such as street address + city + state + zip code
    Condition-Based
    E.g. masking of national identifiers by country-specific format
    Deterministic
    For repeatability, referential integrity across databases and consistency across refreshes
    Reversible
    Key-based, format preserving masking for outsourced data processing
    Shuffle
    Randomization within a population set
    Extensible
    Uses PL/SQL, no Java programming

    15 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Oracle Data Subsetting Transformations

    Criteria Based Storage Goal Based


    Fiscal year % of production size
    Geographic region Target storage footprint

    16 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Security Masking Workflow
    Admin

    Identify Identify
    Format Masking
    Sensitive Data
    Library Definition
    Information Formats
    DBA

    Clone Prod to Review Mask Execute Clone Staging


    Staging Definition Mask to Test

    Prod Staging Test

    17 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information
    Deployment Options

    Mask in Database Heterogeneous Masking

    Masking in database Production Staging Test


    minimizes impact on the 0100101100101010010010010
    0100100100100100100100010
    production system. Clone Subset Clone
    and Mask
    Production Test
    Masking in export ensures
    sensitive data never leaves
    the production database. Database Gateways
    Mask in Export

    Heterogeneous masking for


    Production Masked Data
    Test
    non-Oracle databases uses Pump File
    Mask
    Oracle Gateways. 010010110010101001001001001
    001001001001001001000100101
    Staging

    18 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Integrated Masking

    Perform secure testing using Oracle Real Application Testing.

    Clone, subset and mask using EM Database Life Cycle Management Pack.

    Mask snap-clone images using EM Database Cloud Management Pack.

    Perform incremental masking using Oracle Data Integrator.

    19 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Fast Masking Execution
    Benchmarks on Exadata X2-2 Full Rack

    Mask 600 billion 1% subset of 1% subset +


    row table in 33 100TB table in 6.5 masking of 110TB
    minutes hours table in 5.8 hours

    20 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Evolution of Oracle Data Masking

    Release 10gR4 Release 10gR5 Release 11 Release 12


    First Release Complex mask Non-Oracle Data subsetting
    Bulk masking techniques database support Applications
    Mask primitives Condition-based, DB2, accelerators
    Mask Format Compound SQL Server, EBS
    Library Implementation Sybase Fusion Apps
    PL/SQL-extensible optimizations Command-line Application Data
    library Flashback execution Discovery and
    Export / import to Parallelism Pre- and post- Modeling
    XML Before and after mask support Test tool
    Clone-and-mask Deterministic integration
    masking

    Unique to Oracle

    21 Copyright 2014, Oracle and/or its affiliates. All rights reserved.


    Agenda
    Oracle EM Data Masking Lab Exercises

    LAB CONFIGURATION SETUP OF ENTERPRISE MANAGER - DATA MASKING PACK


    ENVIRONMENT

    LAB EXERCISE 00 ENTERPRISE MANAGER - DATA MASKING PACK OVERVIEW

    LAB EXERCISE 01 CREATING A DATA MODEL

    LAB EXERCISE 02 IDENTIFYING SENSITIVE DATA

    LAB EXERCISE 03 CREATING, EXPORTING & IMPORTING DATA MASKING


    FORMATS
    LAB EXERCISE 04 MASKING SENSITIVE APPLICATION DATA

    23 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information 23
    Agenda
    25 Copyright 2014, Oracle and/or its affiliates. All rights reserved.
    26 Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    También podría gustarte